ISACA
Chief Information Security Officer
ISACA, Tempe, Arizona, us, 85285
The following duties, responsibilities, Knowledge, Skills, and Abilities (KSA's), and physical requirements are intended to describe the general nature and level of work being performed. The information listed below is not intended to be construed as a complete listing of all duties, responsibilities, KSA's, and physical requirements required of this position since changes to the position may occur at any time or additional requirements may be added over the course of time.
SUMMARY:Under the general supervision of the Executive Director of Information Technology Services, the incumbent provides a high level of information security analysis for Information Technology and other Temple College departments. Responsible for establishing and maintaining the information security program to ensure that information assets and associated technology, applications, systems, infrastructure, and processes are adequately protected in the digital ecosystem in which Temple College operates. The incumbent is responsible for identifying, evaluating, and reporting on legal and regulatory, IT, and cybersecurity risks to information assets while supporting and advancing Temple College's objectives. Participates in the implementation efforts for various infrastructure projects. Provides consulting, problem determination and resolution, and needs analysis to support the use of technology by faculty, staff, and students. Additionally, the incumbent researches new technologies and leverages optimization techniques to ensure that systems operate efficiently.
MINIMUM EDUCATIONAL AND WORK REQUIREMENTS (MINIMUM QUALIFICATIONS):Master's Degree in Cybersecurity or Information Technology or related field and one (1) year directly related work experience, OR Bachelor's Degree in Cybersecurity or Information Technology or related field and three (3) years directly related work experience, OR Associate's Degree and five (5) years directly related work experience, or an equivalent blend of education and directly related work experience. Directly related work experience must be in an Information Networking or Security role. A combination of experience, certification, and education that demonstrates possession of the necessary knowledge and abilities for this position is required.
CERTIFICATION OR LICENSESA valid Texas Driver's License is required.
PREFERENCES:CompTIA Network+, Security+, CySA+, or equivalent.Fortinet Certified Associate (NSE4), or ability to earn within six months of hire.Previous work experience with Fortinet security products.Previous work experience in higher education or K12 environments.
RESPONSIBILITIES:Facilitates an information security governance structure by implementing a hierarchical governance program using the Information Technology Advisory Board.Defines and facilitates the processes for information security risk and legal and regulatory assessments, including reporting and overseeing treatment efforts to address negative findings.Provides regular reporting on the current status of the information security program to the College President and Executive Council as part of a strategic enterprise risk management program, thus supporting business outcomes.Creates and manages a targeted information security awareness training program for all employees, contractors, and approved system users and establishes metrics to measure its effectiveness for different audiences.Provides clear risk-mitigating directives for projects with components in IT, including the mandatory application of controls.Develops and enhances an up-to-date information security management framework based on the Texas Cybersecurity Framework and NIST 800-53.Develops and maintains a document framework of continuously up-to-date information security policies, standards, and guidelines. Oversee the approval and publication of these information security policies and practices.Creates a framework for roles and responsibilities with regard to information ownership, classification, accountability, and protection of information assets.Develops and oversees effective disaster recovery policies and standards to align with the enterprise business continuity management (BCM) program goals.Assists with hardware, firewall, telecom, and software vendor evaluation, recommendation, and negotiations.Assists in developing, planning, and implementing recommended processes for maintaining a stable security environment.Monitors the performance and integrity of all systems using appropriate system administration tools.Recommends additional tools and procedures to improve stability and assist in proactively identifying potential problems.Participates in the deployment of new software and technology.Maintains accurate and timely documentation of systems, project plans, and work order progress.Ensures effective inter and intra-team communications.Understands, recommends, and provides network and security solutions.Maintains knowledge of current technology trends, especially those trends relating to the educational environment.Maintains and updates assigned Incident and Service Request tickets on a daily basis.Mentors and cross-trains team members on existing and new technologies.Maintains cooperative working relationships with other IT staff members.Performs other duties as assigned.
SOCIAL CONSTRUCTS REQUIRED OF POSITION:Display empathy and positive regard for others in written, verbal, and non-verbal communication.Work with colleagues and students by practicing punctuality, respect for deadlines, collaborative problem-solving, and honest communication.Be friendly and collegial with co-workers, faculty, students, staff, and visitors to the campus.Build trusting relationships by acting with integrity, courtesy, and responsibility, even under stressful or demanding workplace conditions.Attend training, read job-related materials, and meet with others in the area of responsibility to maintain proficiency as needed and approved.Dress appropriately for a workplace with frequent customer service interaction and community outreach.Meet all required standards.
#J-18808-Ljbffr
SUMMARY:Under the general supervision of the Executive Director of Information Technology Services, the incumbent provides a high level of information security analysis for Information Technology and other Temple College departments. Responsible for establishing and maintaining the information security program to ensure that information assets and associated technology, applications, systems, infrastructure, and processes are adequately protected in the digital ecosystem in which Temple College operates. The incumbent is responsible for identifying, evaluating, and reporting on legal and regulatory, IT, and cybersecurity risks to information assets while supporting and advancing Temple College's objectives. Participates in the implementation efforts for various infrastructure projects. Provides consulting, problem determination and resolution, and needs analysis to support the use of technology by faculty, staff, and students. Additionally, the incumbent researches new technologies and leverages optimization techniques to ensure that systems operate efficiently.
MINIMUM EDUCATIONAL AND WORK REQUIREMENTS (MINIMUM QUALIFICATIONS):Master's Degree in Cybersecurity or Information Technology or related field and one (1) year directly related work experience, OR Bachelor's Degree in Cybersecurity or Information Technology or related field and three (3) years directly related work experience, OR Associate's Degree and five (5) years directly related work experience, or an equivalent blend of education and directly related work experience. Directly related work experience must be in an Information Networking or Security role. A combination of experience, certification, and education that demonstrates possession of the necessary knowledge and abilities for this position is required.
CERTIFICATION OR LICENSESA valid Texas Driver's License is required.
PREFERENCES:CompTIA Network+, Security+, CySA+, or equivalent.Fortinet Certified Associate (NSE4), or ability to earn within six months of hire.Previous work experience with Fortinet security products.Previous work experience in higher education or K12 environments.
RESPONSIBILITIES:Facilitates an information security governance structure by implementing a hierarchical governance program using the Information Technology Advisory Board.Defines and facilitates the processes for information security risk and legal and regulatory assessments, including reporting and overseeing treatment efforts to address negative findings.Provides regular reporting on the current status of the information security program to the College President and Executive Council as part of a strategic enterprise risk management program, thus supporting business outcomes.Creates and manages a targeted information security awareness training program for all employees, contractors, and approved system users and establishes metrics to measure its effectiveness for different audiences.Provides clear risk-mitigating directives for projects with components in IT, including the mandatory application of controls.Develops and enhances an up-to-date information security management framework based on the Texas Cybersecurity Framework and NIST 800-53.Develops and maintains a document framework of continuously up-to-date information security policies, standards, and guidelines. Oversee the approval and publication of these information security policies and practices.Creates a framework for roles and responsibilities with regard to information ownership, classification, accountability, and protection of information assets.Develops and oversees effective disaster recovery policies and standards to align with the enterprise business continuity management (BCM) program goals.Assists with hardware, firewall, telecom, and software vendor evaluation, recommendation, and negotiations.Assists in developing, planning, and implementing recommended processes for maintaining a stable security environment.Monitors the performance and integrity of all systems using appropriate system administration tools.Recommends additional tools and procedures to improve stability and assist in proactively identifying potential problems.Participates in the deployment of new software and technology.Maintains accurate and timely documentation of systems, project plans, and work order progress.Ensures effective inter and intra-team communications.Understands, recommends, and provides network and security solutions.Maintains knowledge of current technology trends, especially those trends relating to the educational environment.Maintains and updates assigned Incident and Service Request tickets on a daily basis.Mentors and cross-trains team members on existing and new technologies.Maintains cooperative working relationships with other IT staff members.Performs other duties as assigned.
SOCIAL CONSTRUCTS REQUIRED OF POSITION:Display empathy and positive regard for others in written, verbal, and non-verbal communication.Work with colleagues and students by practicing punctuality, respect for deadlines, collaborative problem-solving, and honest communication.Be friendly and collegial with co-workers, faculty, students, staff, and visitors to the campus.Build trusting relationships by acting with integrity, courtesy, and responsibility, even under stressful or demanding workplace conditions.Attend training, read job-related materials, and meet with others in the area of responsibility to maintain proficiency as needed and approved.Dress appropriately for a workplace with frequent customer service interaction and community outreach.Meet all required standards.
#J-18808-Ljbffr